Re: GNU Guix 1.3.0rc1 available for testing!

[Maxim Cournoyer]

Hi Leo,

Thanks for the feedback!

Leo Famulari <leo@famulari.name> writes:

> On Sat, May 01, 2021 at 10:52:18PM -0400, Maxim Cournoyer wrote:
>> > https://guix.gnu.org/manual/en/
>> > https://guix.gnu.org/manual/devel/en/
>> 
>> Thank you for pointing that issue; I caught the problem with
>> guix-install.sh before posting, but overlooked that one.  As you
>> pointed, that won't be reflected on our website, but I agree that having
>> the new key covered in the devel manual (master branch) is already an
>> improvement.  The attached patch augments the manual to cover for the
>> new key.  Let me know if it looks good to you.  If it does, I will push
>> it to the master branch (IIUC we can't push this change to the
>> version-1.3.0 branch as that would break the string freeze there).

I've clarified this with Julien, our Natural Language Support (NLS)
expert, and they said: "As long as you change only examples, @code, @url
etc, fragments I should be able to do the change manually in the po
files even if I don't know the language".  So this mean we can carefully
update some very limited parts of the manual; Julien will do one last
pass to adjust the .po files accordingly before the release.

[...]

> Your patch looks good except that the instructions about 'mykeyring.kbx'
> are a no-op: The created keyring contains no keys afterwards. This is
> with GnuPG 2.2.27 from current Guix. We should just remove these
> instructions since "--recv-keys" almost never works these days, since
> the keyserver network collapsed. For example:
>
> ------
> $ gpg --no-default-keyring --keyring mykeyring.kbx --recv-keys 
> 27D586A4F8900854329FF09F1260E46482E63562 
> gpg: keybox '/home/leo/.gnupg/mykeyring.kbx' created            
> gpg: WARNING: server 'dirmngr' is older than us (2.2.12 < 2.2.27)
> gpg: Note: Outdated servers may lack important security fixes.
> gpg: Note: Use the command "gpgconf --kill all" to restart them.
> gpg: key 1260E46482E63562: no user ID
> gpg: Total number processed: 1
> $ gpg --no-default-keyring --keyring mykeyring.kbx --recv-keys 
> 3CE464558A84FDC69DB40CFB090B11993D9AEBB5  
> gpg: WARNING: server 'dirmngr' is older than us (2.2.12 < 2.2.27)             
>                                            
> gpg: Note: Outdated servers may lack important security fixes.
> gpg: Note: Use the command "gpgconf --kill all" to restart them.
> gpg: key 090B11993D9AEBB5: no user ID
> gpg: Total number processed: 1
> $ cat ~/.gnupg/mykeyring.kbx 
>  KBXf`)y`)y%
> $ wc -c ~/.gnupg/mykeyring.kbx
> 32 /home/leo/.gnupg/mykeyring.kbx
> ------
>
> As you can see, it does not contain two PGP keys.

FWIW, it worked for me:

$ gpg --no-default-keyring --keyring mykeyring.kbx --recv-keys 
27D586A4F8900854329FF09F1260E46482E63562
gpg: keybox '/home/maxim/.gnupg/mykeyring.kbx' created
gpg: key 1260E46482E63562: public key "Maxim Cournoyer 
<maxim.cournoyer@gmail.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
maxim@hurd ~/src/guix [env]$ gpg --no-default-keyring --keyring mykeyring.kbx 
--recv-keys 3CE464558A84FDC69DB40CFB090B11993D9AEBB5  
gpg: key 090B11993D9AEBB5: public key "Ludovic Courtès <ludo@gnu.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1
maxim@hurd ~/src/guix [env]$ 
maxim@hurd ~/src/guix [env]$ wc -c ~/.gnupg/mykeyring.kbx
8781 /home/maxim/.gnupg/mykeyring.kbx

I had similar bad experience in the past, but my understanding was that
these problems had been (mostly?) resolved.  In case the default server
is often problematic, we could perhaps suggest an alternative that is
known to be reliable (if such an alternative exists?).

I've pushed a commit to master; and a slightly different one to
version-1.3.0 later, adjusting the commit so as the manual text is
untouched.

Thank you!

Maxim